ABSTRACT

The use of the internet and related smart devices encourages mass processing of an individual`s personal data, which commonly leads to a reduction in privacy. In the European Union legislators faced this challenge decisively in 2018, when the General Data Protection Regulation (GDPR) was enforced. Through the idea of “data protection by design and by default”, GDPR seeks to direct the development and use of information communication technology in a way in which personal data processing, taking into account the legitimate interest of the public and private sector, interferes as little as possible with the privacy of individuals. The purpose of this paper is to find out how the GDPR understands “data protection by design and by default”, to analyze and compare different approaches of other authors on understanding “privacy by design”, and to propose a synthesized conceptual model of privacy by design.

摘要

互联网和相关智能设备的使用鼓励对个人的个人数据进行大规模处理，这通常会导致隐私减少。2018 年，欧盟立法者果断地面临这一挑战，当时实施了通用数据保护条例 (GDPR)。通过“设计和默认的数据保护”的理念，GDPR 寻求指导信息通信技术的开发和使用，在考虑到公共和私营部门的合法利益的情况下，个人数据处理会受到干扰尽可能少地保护个人隐私。本文的目的是了解 GDPR 如何理解“设计和默认数据保护””，分析和比较其他作者理解“设计隐私”的不同方法，并提出一个综合的设计隐私概念模型。